The Heartbleed Aftermath Drags On: What Passwords You Need to Change Now

This week the web was rocked by a security bug called Heartbleed. In short, it’s a flaw in a commonly used security system that potentially two-thirds of websites use to keep information like your passwords secure.

As I mentioned yesterday, all you can really do about the flaw is change your passwords. But it’s best to wait to do that until a website has fixed everything. Otherwise you could very well be handing over your new password to an undetected attacker.

By now, most sites that were vulnerable to the flaw have patched it.

Some good news first: The login information for your bank is most likely safe. The following financial institutions have not been affected by Heartbleed: Bank of America, Chase, E*Trade, Fidelity, PNC, Schwab, Scottrade, TD Ameritrade, TD Bank, U.S. Bank, and Wells Fargo.

And now it’s time for everyone’s faaaaavorite game: What Passwords Do I Need to Change Today?

First up:

Email providersHere are the ones that were vulnerable:

• Yahoo Mail: Was affected! But patched. You should change your password.

• Gmail: Was affected! But patched. A Google representative told Mashable you need not change your password. But you should probably do it anyway, just in case.

And the ones that were not:

• AOL: Was not affected. You do not need to change your password.

• Hotmail/Outlook: Was not affected. You do not need to change your password.

• Facebook: Unclear! It has “added protections,” so it’d be best to change your password.

And one that was not:

• LinkedIn: Was not affected. You do not need to change your password.

Other important websitesHere are the ones that were vulnerable:

• Google: Was affected! But patched. Google says you don’t need to, but just to be safe, you should probably change your password for the following Google services: Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine. Google Chrome and Chrome OS were not affected.

• Yahoo: Was affected! But patched. You should change your password.

• Dropbox: Was affected! But patched. You should change your password.

• OkCupid: Was affected! But patched. You should change your password.

• SoundCloud: Was affected! But patched. You should change your password.

• Wunderlist: Was affected! But patched. You should change your password.

• IFTTT: Was affected! But patched. You should change your password.

• Netflix: Was affected. But patched. You should change your password.